Data Protection

TalkTalk and BA Data Breaches – Aftershocks!

The dust has not yet settled on the Information Commissioner’s fine imposed on British Airways (BA) in October 2020, but the company now faces the largest group claim over a data breach in the UK’s history. A similar claim has been brought against TalkTalk following a 2014/15 cyber-attack on the telecoms giant, though in that case far fewer people were affected. With not only hefty regulatory fines and reputational damage but also the threat of expensive civil litigation for data breaches, the pressure is on for data controllers and processors to check they are doing enough to protect their customers personal data.

Read more

‘UK-US Data Sharing Treaty – A Welcome Recognition of Reality’ BCL Partners write for Privacy Laws & Business’s International Report

BCL partners Michael Drury and Julian Hayes have contributed the chapter titled ‘UK-US Data Sharing Treaty – a welcome recognition of reality’ as part of Privacy Laws & Business‘ Data Protection & Privacy Information International report.

Read more

£18.4 million Marriott International GDPR fine announced by ICO; what did we learn?

On October 30th, 2020, The Information Commissioner’s Office (“ICO”) announced its fine of £18.4 million issued to Marriott International, Inc., (“Marriott”) for violations of the General Data Protection Regulation (“GDPR”). This is a significant decrease from the proposed fine of £99.2 million announced by the ICO in July 2019 (see our previous article here) against the background of Marriott’s security breach reported to have lasted some four years between 2014 to 2018, with the fine relating to the breach only from the point at which the GDPR came into force in May 2018. It is the second largest GDPR fine levied by the regulator thus far, behind that imposed on British Airways. To date, Marriott has not admitted liability for the breach, but the major international hotel operator has indicated that it does not plan to appeal the decision.

Read more

The UK’s National Data Strategy – Too Much Love?

“We want the UK….to be the best place in the world to start and grow a digital business”. With this ambitious aim, the Government has laid out its National Data Strategy, focusing on unlocking the value of data, establishing a pro-growth data protection regime, and championing international data flows to promote economic development. Already a feted success, the UK’s digital sector now stands behind only the US and China in global venture capital funding and directly employs more than 1.5 million people in London and other major UK cities. Despite its laudable aspiration, however, the Data Strategy signals post-Brexit regulatory intentions which risk inhibiting and choking off the future growth of this successful UK industrial sector.

Read more

Online Harms Regulation – Sanctions But Not Criminal Liability?

In April 2019, the UK published an Online Harms White Paper proposing a broad new statutory duty of care for social media companies and platform providers to tackle widespread concerns about a host of online issues, from terrorist and child sexual abuse content to cyber bullying and trolling. More than 18 months on, BCL’s Greta Barkle asks where have the proposals got to?

Read more
1 2 3